The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

Total49,300
Mitigations15,929
Stats
CVSS0
10
Affected software | Vulnerability
RiskDisclosed
safeinstall-cli< 0.10.2
NPM: SafeInstall agent guard shell parsing can miss raw package execution
8.8
3 hours ago
tarteaucitronjs< 1.33.0
NPM: tarteaucitron: data-cookie attribute can be used to delete arbitrary cookies
4.3
7 hours ago
@libp2p/gossipsub< 16.0.0
NPM: libp2p: CPU DoS via oversized IHAVE and IWANT control message arrays
7.5
7 hours ago
morgan>= 1.2.0, <= 1.10.1
NPM: morgan vulnerable to Log Forging via unneutralized control characters in :remote-user
5.3
8 hours ago
All-in-One Video Gallery<= 4.8.5
Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
6.4
16 hours ago
WP Hotel Booking<= 2.3.1
Reflected Cross-Site Scripting vulnerability
7.1
16 hours ago
Hide My WP Lite<= 1.3
Unauthenticated Path Traversal to Arbitrary File Read vulnerability
7.5
17 hours ago
UsersWP<= 1.2.65
Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
8.8
17 hours ago
Super Forms<= 6.3.313
Unauthenticated Arbitrary File Upload vulnerability
10
17 hours ago
LoginPress Pro<= 6.2.3
Unauthenticated Authentication Bypass vulnerability
8.1
17 hours ago
LoginPress Pro<= 6.2.3
Unauthenticated Authentication Bypass vulnerability
8.1
17 hours ago
LoginPress Pro<= 6.2.3
Unauthenticated Authentication Bypass vulnerability
8.1
17 hours ago
Mail Mint<= 1.24.1
Authenticated (Administrator+) SQL Injection vulnerability
7.6
1 day ago
Logo Slider<= 5.5
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
KiviCare<= 4.4.0
Missing Authorization to Unauthenticated Payment Bypass and Appointment Status Manipulation vulnerability
5.3
1 day ago
JoomSport<= 5.7.9
Authenticated (Contributor+) SQL Injection vulnerability
6.5
1 day ago
Jeg Elementor Kit<= 3.2.6
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago
Invoice123<= 1.7.0
Missing Authorization to Authenticated (Subscriber+) Setting Modification vulnerability
4.3
1 day ago
Import and export users and customers<= 2.4.0
Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability
4.3
1 day ago
Hostel<= 1.1.7
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
6.5
1 day ago